chore(backend): update OpenAPI specs

[wilsonianb]

Changes proposed in this pull request

Context

• fixes Update backend OpenAPI specs #740

Checklist

• Related issues linked using fixes #number
• Tests added/updated
• Documentation added
• Make sure that all checks pass

[sabineschaller]

I'm confused, why are we fetching the specs now instead of updating URLs in env files?

[wilsonianb]

Here's the previous two related pr's:

• fix(auth): bring in Open API schemas for IdP and RS #684
• feat(auth): use split auth specs in app #692

The Rafiki specific specs use the shared Open Payments schemas file
https://github.com/interledger/rafiki/tree/main/packages/auth/src/openapi
https://github.com/interledger/open-payments/blob/main/openapi/schemas.yaml

So it is fetched instead of updating the $ref urls in the local files, and to support local dev using modified (pending changes to) specs/schemas:

• fix(auth): bring in Open API schemas for IdP and RS #684 (comment)

I suggested also fetching the relevant Open Payments spec(s)

• feat(auth): use split auth specs in app #692 (comment)

[mkurapov]

Can we also update the open-payments commit version in this PR

or would it make sense to export these from open-payments? so we can be sure both are using the same spec? This does seem vaguely familiar though... have we discussed this before?

[mkurapov]

We could even do it for both of backend and auth projects since open-payments contains both, which would eliminate the need for the packages/backend/src/openapi/auth-server.yaml dependency

[wilsonianb]

would it make sense to export these from open-payments?

I'm favor of defining the (default) commit in a single place.
It seems like that could happen while still allowing subsequent local tinkering of the specs
#684 (comment)

which would eliminate the need for the packages/backend/src/openapi/auth-server.yaml dependency

Did you mean resource-server.yaml?

[mkurapov]

Could we add a good error message here, for when the files can't be found?

https://interledgerfoundation.slack.com/archives/C0302LMKBT7/p1670413450794209?thread_ts=1670407497.730339&cid=C0302LMKBT7

[wilsonianb]

As is, we get something like

    ResolverError: Error opening file "/home/brandon/rafiki/packages/auth/src/openapi/auth-server.yaml"

      at ReadFileContext.callback (node_modules/.pnpm/@[email protected]/node_modules/@apidevtools/json-schema-ref-parser/lib/resolvers/file.js:52:20)

Are you thinking of having it mention the command to fetch the schemas?

[mkurapov]

Yes, that's what I was thinking, something along the lines of "Could not find Open API schema files. Did you run <command> ?"

[wilsonianb]

As long we remember not to change the command 😅

[mkurapov]

can we add a root level command?
"localenv:fetch-op-schemas": "pnpm --filter auth --filter backend fetch-schemas" , and then include it as part of the local env setup readme?

https://interledgerfoundation.slack.com/archives/C0302LMKBT7/p1670414356297499?thread_ts=1670407497.730339&cid=C0302LMKBT7

[wilsonianb]

I was thinking that devs would run through this environment setup before doing local env, but I guess that's not entirely necessary.
https://github.com/interledger/rafiki#environment-setup
Should we split out installing node & pnpm and fetching schemas into a separate prerequisite section?

I also noticed that as is it shouldn't work to have tests before fetch schemas.

[mkurapov]

Once the specs stabilize it would be good to have them be defined in a singular place, even like with the exported commit hash as you suggested - I am a bit worried about specs diverging accidentally

[mkurapov]

what do you think of openPaymentsAuthServerSpec? Likewise with openPaymentsResourceServerSpec in the backend?

Trying to see if there is a better way of distinguishing the several different spec we have

[wilsonianb]

This one here is actually authServerSpec (from https://github.com/interledger/rafiki/blob/main/packages/auth/src/openapi/resource-server.yaml)
I think openPaymentsAuthServerSpec would be https://github.com/interledger/open-payments/blob/main/openapi/schemas.yaml

What if we just called the first one introspection/tokenIntrospection for both the file name (make it consistent in both auth and backend) and the variable name?

[wilsonianb]

I'm gonna change https://github.com/interledger/rafiki/blob/main/packages/auth/src/openapi/resource-server.yaml to token-introspection.yaml with

Suggested change

	const authServerSpec = await createOpenAPI(
	const tokenIntrospectionSpec = await createOpenAPI(

and not

Suggested change

	const authServerSpec = await createOpenAPI(
	const tokenIntroSPECtion = await createOpenAPI(

and keep the other file and variable names as is.

[mkurapov]

The tokenIntrospectionSpec change makes sense, but it should be replacingresourceServerSpec variable (the one that contains the introspection route), right?

[wilsonianb]

Ha, yeah. I was thinking these comments were for packages/backend/src/index.ts 🙃